3 Replies Latest reply on Apr 17, 2013 11:32 AM by speedy

    SSO authorization for ad users with spaces in their names

      Hello

      I'm using Openfire
      3.8.1 with Windows Server 2008 R2 and Spark 2.6.3 Clients on XP, Win 7 and 8.

      I have recently switched to SSO using this tutorial: http://community.igniterealtime.org/docs/DOC-1362

      Login for users with no blank spaces in their usernames works without any flaws.

      But: Users with blank spaces in the username get following error message:
      Single Side Logon Failed - Please check your preferences

       

      The openfire debug shows the following for User "Test Test":


      2013.04.16 16:36:24 org.jivesoftware.openfire.auth.AuthorizationManager - AuthorizationManager: Trying Default Policy.authorize(test\20test , Test Test@EXAMPLE.LOCAL)

      2013.04.16 16:36:24 org.jivesoftware.openfire.auth.DefaultAuthorizationPolicy - DefaultAuthorizationPolicy: usernames don't match (test\20test Test Test)

      2013.04.16 16:36:24 org.jivesoftware.openfire.net.SASLAuthentication - SASLAuthentication: SaslException

      javax.security.sasl.SaslException: Problem with callback handler [Caused by javax.security.sasl.SaslException: Test Test@EXAMPLE.LOCAL is not authorized to connect as test\20test]

      ...

      Caused by: javax.security.sasl.SaslException: Test Test@EXAMPLE.LOCAL is not authorized to connect as test\20test

       

      code snippet from DefaultAuthorizationPolicy.java:

       

      if(!userUser.toLowerCase().equals(authenUser.toLowerCase())){

          if (Log.isDebugEnabled()) {

              Log.debug("DefaultAuthorizationPolicy: usernames don't match ("+userUser+" "+authenUser+")");

          }

          return false;

      }

       

      What am I doing wrong? It is possible to use with usernames with spaces?